DATA ENCRYPTION SYSTEM AND METHOD

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The present invention relates to a data encryption system
implemented on a computer having a cache memory placed between
a processor and a main memory, and in particular to data
encryption system and method of encrypting data using
transformation tables such as substitution tables.

2. Description of the Related Art 

Symmetric block ciphers such as DES (Data Encryption
Standard) ciphers and FEAL (Fast data Encipherment ALgorithm)
ciphers typically employ successive iterations, each of which
contains operations of exclusive-OR, substitution and
coordinate permutation. The substitution is performed by using
so-called S boxes, which are substitution boxes or, simply,
look-up tables having a predetermined number of possible inputs.
In general, S boxes are classified according to the number of
input bits, each S box being indicated by Si box, wherein i
is the number of input bits, such as S7 box and S9 box. During
cipher or decipher for one block, each Si box is referred to
a plurality of times.

An example of a conventional encryption system will be
described with reference to Figs. 1A, 1B and 2. As shown in
Fig. 1A, an encryption system is composed of a program-controlled
processor (here, CPU) 1, a memory (main memory) 2 into which
an encryption program 3 is loaded from a disk or the like, and
a cache memory 4. The cache memory 4 is connected to the CPU
1 by a processor bus 5 composed of data lines, address lines
and control lines and is connected to the memory 2 by a memory
bus 6 composed of data lines, address lines and control lines.

As known well, the cache memory 4 is a small-capacity memory
allowing high-speed access compared with the main memory 2.
The cache memory 4 stores the contents of frequently
accessed main memory locations and addresses. When the CPU
1 issues a request for data or instruction through the processor
bus 5, the cache memory 4 checks to see whether it holds the
same. If it holds the same (cache hit), then the cache memory
4 returns the data to the CPU 1. If it does not hold the same
(a cache miss), the cache memory 4 reads a predetermined size
of data including the requested data or instruction from
the main memory 2 through the memory bus 6 and stores the
predetermined size of data while transferring the requested
data or instruction to the CPU 1. The predetermined size of
data read from the main memory 2 is, for example, 32 bytes or
128 bytes. Since instructions located near the previously
executed address are frequently executed, the cache hit rate
can be increased by storing such a larger size of data in advance
into the cache memory 4, resulting in high-speed access.

The encryption program 3 instructs the CPU 1 to perform
a symmetric block cipher such as DES or FEAL cipher. Its program
architecture is shown in Fig. 1B. A substitution table section
305 composed of a predetermined number of substitution tables
is previously provided in the encryption program 3. For example,
each substitution table of the substitution table section 305
has 16 entries each having addresses 0-F(H) assigned thereto
and having hexadecimal numbers 0-F stored therein, as shown
in Fig. 2. For example, in the case of input bits "0000" =
0(H), 8(H) stored at the address 0(H) is read out and a
corresponding binary number "1000" is output. As described
before, the substitution table section 305 is referenced a
plurality of times to perform substitution by a data
transformation section 304.

There are proposed several cryptanalytic methods of
analyzing the key used in an encryption algorithm, for example,
Exhaustive key search, Differential cryptanalysis, and Linear
cryptanalysis.

Recently, new cryptanalysis called timing attack
which mainly targets public-key encryption systems has been
proposed by Paul C. Kocher ("Timing Attacks on Implementations
of Diffie-Hellman, RSA, DSS, and Other Systems" Advances in
Cryptology: Proceedings of Crypto 96, Plenum Press, 1995,
pp104-113). According to timing attacks, the secret key
candidates of a cryptosystem can be narrowed based on differences
in the amount of time required to perform power-residue operation
that is basic to the public-key cipher.

A technique for preventing timing attacks has been disclosed
in Japanese Patent Application Unexamined Publication No.
10-222065. A basic idea of this countermeasure is to change
in delay time of critical path for each power-residue operation.

However, in the case where the above-described encryption
system using the substitution table is implemented on a computer
having the cache memory 4 therein, a cache-attack
cryptanalysis method, which was found by the present inventor
and will be described later, can narrow the key candidates of
the encryption system to finally find the entire key by measuring
the amount of time required to encrypt data. Since the
cache-attack cryptanalysis method can be applied to symmetric
ciphers which do not use any power-residue operations, the
countermeasure described in the Japanese Patent Application
Unexamined Publication No. 10-222065 becomes ineffective.

Cache-attack cryptanalysis

As shown in Fig. 3, it is assumed that an encryption device
calculates an exclusive OR (XOR) of plain text P0 and an n-bit
key k0 to reference a substitution table S and an exclusive
OR of plain text P1 and an n-bit key k1 to reference the
substitution table S. When different entries are looked up
in the substitution table S, the following relationships are
obtained:

    P0 .XOR. k0 ≠ P1 .XOR. k1, and
    P0 .XOR. P1 ≠ k0 .XOR. k1 = Δk   — (1),

where Δk is hereinafter called a key differential.




The formula (1) can be generalized from 2-table model
to n-table model as follows:

    Pi .XOR. ki ≠ Pj .XOR. kj, and
    Pi .XOR. Pj ≠ ki .XOR. kj = Δkij   — (2),

where i, j = 1, 2, 3, ... n.

The formula (2) indicates the case where the substitution
table S is referenced n times during cipher/decipher process.
In this case, with regard to any two plain texts Pi and Pj, an
exclusive OR of Pi and an n-bit key ki and an exclusive OR of
Pj and an n-bit key kj look up different entries in the same
substitution table S and further an exclusive OR of Pi and Pj
is not equal to a key differential Δkij which is an exclusive
OR of any two keys ki and kj. When such a key differential
Δkij is obtained, the range of exhaustive key search can
be narrowed from 2^(2N) to 2^N. For example, when N bits of
Δk = k0 .XOR. k1 are obtained, the exhaustive search for N bits
of k0 causes N bits of the other k1 to be calculated from the
relationship: k1 = k0 .XOR. Δk. Accordingly, the exhaustive
search for 2N bits of k0 and k1 can be reduced to that for only
N bits of k0.

How to obtain the key differential Δkij will be described
with reference to Figs. 4A and 4B. First, as shown in Fig.
4A, a counter table is prepared, which contains initialized
counters each corresponding to all possible values of the key
differential Δkij.

Subsequently, an arbitrary pair of plain texts is
extracted from a set of plain texts, which would cause different
entries to be looked up in the substitution table in all rounds
of the cipher process. Thereafter, a counting step of
incrementing by one a counter corresponding to a value of the
key differential Δkij which is equal to an exclusive OR of
the extracted pair of plain texts is repeatedly performed for
all pairs of the plain texts. As a result, the counters of
the counter table are updated as shown in Fig. 4B. The counters
of the counter table each having finally obtained counter values
are searched for a counter value of zero or an extreme small
value to identify a corresponding counter, which determines
a key differential Δkij. It should be noted that the extreme
small value is a value depending on the probability of satisfying
the formula (2).

There will be described a method of obtaining a set of
arbitrary plain texts which will cause different entries to
be looked up in the substitution table S in all or a considerable
amount of accesses in the case where the substitution table
S is referenced n times in a cipher/decipher process.

However, when applying such an encryption program on the
conventional encryption system having the cache memory 4 as
shown in Fig. 1A, there are developed differences in the amount
of time required to perform encryption/decryption depending
on given plain/cipher text. Provided with different plain texts,
the data transformation section 304 may look up different entries
in the substitution table, resulting in different cache hit
rates when the substitution table is accessed. In other words,
among given plain/cipher texts, one providing the highest rate
of cache miss needs the longest encryption time. It is estimated
that a plain/cipher text providing the highest rate of cache miss
increases the possibility of causing different entries to be
looked up in the substitution table in all or a considerable
amount of accesses.

Verification

The present inventor verified the above estimation using
a well-known cipher algorithm MISTY1 proposed by Mitsuru Matsui.
Detailed descriptions of MISTY1 are provided by Mitsubishi
Electric Corporation (see "Block Cipher algorithms MISTY1 and
MISTY2" version 1.11 October 2, 1996, and "Sample Programs of
MISTY1 in C language" version 1.00 July 22 1996).

Referring to Figs. 5A-5D, MISTY1 is secret-key cipher
with 64-bit data block and 128-bit secret key, including a data
randomizing section, which uses two functions FOi and FLi. The
function FOi uses function FIij, which uses two substitution
tables S7 and S9. The substitution table S9 has a 9-bit input
and 512 entries (each 32-bit entry in Sample-Program version).
The substitution table S7 has a 7-bit input and 128 entries
(each 8-bit entry in Sample-Program version).

The data randomizing section includes 8 functions FO1-FO8,
each (FOi) of which includes 3 functions FIi1-FIi3. Each of
the 3 functions FIi1-FIi3 references the substitution table
S9 twice and the substitution table S7 once. Accordingly,
during an encryption process, the substitution table S9 is used
48 times (=8x3x2) and the substitution table S7 is used
24 times (=8x3x1).

Fig. 6 shows the distribution of the number of plain texts
with respect to cipher time when a number of plain texts are
encrypted by MISTY1. Fig. 7 shows the relationship between
cipher time and the number of operation entries in substitution
table S9. Fig. 8 shows the relationship between cipher time
and the number of operation entries in substitution table S7.
The number of operation entries is defined as the number of
entries, which are used for encryption in a substitution table.
The maximum number of operation entries is 48 in the substitution
table S9 and 24 in the substitution table S7.

It is understood from Figs. 6 and 7 that a plain text
taking T or more cipher time causes different entries to be
looked up in the substitution table S9 for almost all accesses.
Therefore, cache miss occurs every time, thereby taking much
time for encryption. On the other hand, as shown in Fig. 8,
in the substitution table S7, the distribution in the number
of operation entries is approximately kept constant
independently of the cipher time. Since the substitution table
S7 is a small table with 128 entries, almost all entries are
loaded into the cache memory 4 after miss hit has been repeated
several times, thereby the occurrence of miss hit disappearing.
In contrast, the substitution table S9 is a large table with
512 entries and therefore the occurrence of miss hit will not
disappear. Such an operation-entry distribution difference
between the substitution tables S7 and S9 makes the
above-described cache attacks ineffective on the substitution
table S7 and effective on the substitution table S9.

Fig. 9 shows an operation of extracting a set of plain
texts having a high probability that the substitution table
S9 is accessed about 48 times during cipher process. First,
the cipher program of MISTY1 is loaded on the memory of a computer
(step 101). Thereafter, a plain text is generated using
random numbers (step 102) and the cache memory of the computer
is cleared (step 103). The generated plain text is set as a
plain text to be encrypted (step 104) and the plain text to
be encrypted is encrypted by MISTY1 encryption and the time
required for encryption is measured (step 105). Subsequently,
it is determined whether the measured encryption time is equal
to or greater than a predetermined threshold T (step 106). The
threshold T is determined so that a necessary and
sufficient number of plain texts can be obtained so as to stand
the formula (2). The higher the probability of standing the
formula (2), the lower the necessary number of plain texts.
When the measured encryption time is equal to or greater than
the predetermined threshold T (YES in step 106), the plain text
is stored (step 107) and the control goes back to the step 102.
When the measured encryption time is not greater than the
predetermined threshold T (NO in step 106), the control goes
back to the step 102 without storing the plain text. The steps
102-107 are repeatedly performed to obtain a sufficient number
of plain texts having a high probability that the substitution
table S9 is accessed about 48 times during cipher process.
Based on the plain texts obtained like this, the key
differential Δk is determined using the method as shown in
Figs. 4A and 4B and the key candidates of the encryption system
are narrowed. And finally the entire key is determined by using
exhaustive search of the narrowed key candidates to determine
the remaining bit values of the key.

As described above, in an encryption system implementing
the encryption program using substitution tables on a computer
having a cache memory, the cache-attack cryptanalysis method
can narrow the key candidates of the encryption system to finally
find the entire key by measuring the amount of time required
to encrypt data. Accordingly, the cache-attack
cryptanalysis method may be a kind of timing attack. Since
the cache-attack cryptanalysis method can be applied to
symmetric ciphers which do not use any power-residue operations,
the countermeasure described in the Japanese Patent Application
Unexamined Publication No. 10-222065 becomes ineffective.

SUMMARY OF THE INVENTION 

An object of the present invention is to provide an
encryption system and method, which can provide a
defensive measure against the cache-attack cryptanalysis.

According to the present invention, a data encryption
system for performing encryption/decryption of a given
plain/cipher text using transformation tables which transforms
bit strings of the given plain/cipher text, includes: a memory
for storing an encryption program including the transformation
tables each of which contains a predetermined number of entries,
wherein a targeted transformation table is previously
identified from the transformation tables depending on whether
the targeted transformation table exhibits a trend of increasing
in the number of operation entries as a length of encryption
time becomes longer; a program-controlled processor for
executing the encryption program; a cache memory placed between
the memory and the program-controlled processor; and an entry
loading section for loading at least one part of the targeted
transformation table into the cache memory.

The entry loading section may load the at least one part
of the targeted transformation table into the cache memory before
the encryption/decryption of the given plain/cipher text. The
entry loading section may load all transformation tables into
the cache memory, wherein the targeted transformation table
is loaded after the other transformation tables have been loaded
into the cache memory. The entry loading section may load all
transformation tables with priorities into the cache memory,
in which a transformation table with higher priority is left
longer in the cache memory, wherein higher priority is assigned
to the targeted transformation table compared with the other
transformation tables. The entry loading section may load the
at least one part of the targeted transformation table into
the cache memory at a plurality of timings before the
encryption/decryption of the given plain/cipher text.

As another aspect of the present invention, the entry
loading section includes: a management table containing a
plurality of management entries each corresponding to the
entries of the targeted transformation table, each management
entry indicating whether a corresponding entry of the targeted
transformation table has been used; and an unused-entry manager
for loading unused entries of the targeted transformation table
into the cache memory by referencing the management table.

The targeted transformation table may be identified by
calculating a use rate of a number of operation entries to a
total number of entries for each of the transformation tables
and selecting a transformation table having a smaller use rate
as the targeted transformation table.

According to the present invention, a data encryption
system for performing encryption/decryption of a given
plain/cipher text using transformation tables which transforms
bit strings of the given plain/cipher text, includes: a memory
for storing an encryption program including the transformation
tables each of which contains a predetermined number of entries;
a program-controlled processor for executing the encryption
program; a cache memory placed between the memory and the
program-controlled processor; and a cache-miss generating
section for generating a cache miss so as to make a number of
cache misses uniform for any plain/cipher text.

The cache-miss generating section may include:
a management table containing a plurality of management entries
each corresponding to the entries of each transformation table,
each of the management entries indicating whether a
corresponding entry of the transformation table has been used;
and a cache-miss generating section for generating a cache miss
a number of times which is equal to a difference between a number
of usable entries and a number of used entries of the
transformation table, wherein the used entries are identified
by referencing the management table.

The cache-miss generating section may include: a
count management table containing a plurality of management
entries each corresponding to the entries of each transformation
table, each of the management entries indicating a number of
times a corresponding entry of the transformation table has
been referenced; and a cache-miss generating section for
generating a cache miss a number of times which is equal to
a number of cache hits for the transformation table, wherein
the number of cache hits is obtained based on management entries
having a count value of at least 2. The cache-miss generating
section may generate a cache miss each time a count value of
a management entry exceeding 1 is incremented.

The transformation table may be a targeted transformation
table which is previously identified from the transformation
tables depending on whether the targeted transformation table
exhibits a trend of increasing in the number of operation entries
as a length of encryption time becomes longer. As a
simplified method, the targeted transformation table may be
identified by calculating a use rate of a number of operation
entries to a total number of entries for each of the
transformation tables and selecting a transformation table
having a smaller use rate as the targeted transformation table.

According to further another aspect of the present
invention, a data encryption system includes a memory for storing
an encryption program including the transformation tables each
of which contains a predetermined number of entries, which
includes at least one transformation table group containing
N transformation tables having same contents, wherein a
transformation table is referenced N times for an
encryption/decryption process of a single plain/cipher text;
a program-controlled processor for executing the encryption
program; and a cache memory placed between the memory and the
program-controlled processor, wherein, each time accessing the
transformation table group, a different one of the N
transformation tables is referenced within the accessed
transformation table group.

As described above, according to the present invention,
the number of cache misses for a transformation table can be made
uniform for any plain/cipher text, which causes
encryption/decryption time to be made substantially equal
independently of the number of operation entries for the
transformation table. Accordingly, it is very difficult to
extract plain texts used to determine a key differential,
resulting in difficulties in cryptanalysis.



BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1A is a block diagram showing an example of a
conventional encryption system;

Fig. 1B is a diagram showing a program architecture of
the conventional encryption system;

Fig. 2 is a schematic diagram showing an example of a
substitution table;

Fig. 3 is a schematic diagram showing a simplified data
randomizing section for explanation of a cache-attack
cryptanalysis method;

Fig. 4A is a schematic diagram showing an initialized
counter table used to obtain a key differential Δk;

Fig. 4B is a schematic diagram showing a finally obtained
counter table to explain how to obtain the key differential

Fig. 5A is a diagram showing a data randomizing section
of MISTY1;

Fig. 5B is a diagram showing the structure of function
FLi in the data randomizing section of MISTY1;

Fig. 5C is a diagram showing the structure of function
FOi in the data randomizing section of MISTY1;

Fig. 5D is a diagram showing the structure of function
FIij in the data randomizing section of MISTY1;

Fig. 6 is a graph showing the distribution of the number
of plain texts with respect to cipher time when a number of
plain texts are encrypted by MISTY1;

Fig. 7 is a diagram showing the relationship between cipher
time and the number of operation entries in substitution table
S9;

Fig. 8 is a diagram showing the relationship between cipher
time and the number of operation entries in substitution table
S7;

Fig. 9 is a flowchart showing an operation of extracting
a set of plain texts having a high probability that the
substitution table S9 is accessed about 48 times during cipher
process;

Fig. 10A is a block diagram showing an encryption system
according to a first embodiment of the present invention;

Fig. 10B is a diagram showing a program architecture of
the encryption system according to the first embodiment;

Fig. 11A is a block diagram showing an encryption system
according to a second embodiment of the present invention;

Fig. 11B is a diagram showing a program architecture of
the encryption system according to the second embodiment;

Fig. 11C is a diagram showing an example of a
use-entry management table employed in the encryption system
according to the second embodiment;

Fig. 12A is a block diagram showing an encryption system
according to a third embodiment of the present invention;

Fig. 12B is a diagram showing a program architecture of
the encryption system according to the third embodiment;

Fig. 13A is a block diagram showing an encryption system
according to a fourth embodiment of the present invention;

Fig. 13B is a diagram showing a program architecture of
the encryption system according to the fourth embodiment;

Fig. 13C is a diagram showing an example of a
use-entry management table employed in the encryption system
according to the fourth embodiment;

Fig. 14A is a block diagram showing an encryption system
according to a fifth embodiment of the present invention;

Fig. 14B is a diagram showing a program architecture of
the encryption system according to the fifth embodiment;

Fig. 15A is a block diagram showing a first example of
an encryption system according to a sixth embodiment of the
present invention;

Fig. 15B is a diagram showing a program architecture of
the first example of the encryption system according to the
sixth embodiment;

Fig. 16A is a block diagram showing a second example of
an encryption system according to the sixth embodiment;

Fig. 16B is a diagram showing a program architecture of
the second example of the encryption system according to the
sixth embodiment;

Fig. 17A is a block diagram showing an encryption system
according to a seventh embodiment of the present invention;

Fig. 17B is a diagram showing a program architecture of
the encryption system according to the seventh embodiment;

Fig. 18A is a block diagram showing an encryption system
according to an eighth embodiment of the present invention;

Fig. 18B is a diagram showing a program architecture of
the encryption system according to the eighth embodiment;

Fig. 19A is a block diagram showing an encryption system
according to a ninth embodiment of the present invention;

Fig. 19B is a diagram showing a program architecture of
the encryption system according to the ninth embodiment;

Fig. 20A is a block diagram showing an encryption system
according to a tenth embodiment of the present invention; and

Fig. 20B is a diagram showing a program architecture of
the encryption system according to the tenth embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENTS 

First Embodiment

Referring to Fig. 10A, an encryption system according
to a first embodiment of the present invention is composed of
a program-controlled processor (here, CPU) 1, a memory
(main memory) 2 into which an encryption program 3A is loaded
from a disk or the like, and a cache memory 4. The cache memory
4 is connected to the CPU 1 by a processor bus 5 composed of
data lines, address lines and control lines and is connected
to the memory 2 by a memory bus 6 composed of data lines, address
lines and control lines.

As known well, the cache memory 4 is a small-capacity memory
allowing high-speed access compared with the main memory 2.
The cache memory 4 stores the contents of frequently
accessed main memory locations and addresses. When the CPU
1 issues a request for data or instruction through the processor
bus 5, the cache memory 4 checks to see whether a cache hit
occurs. If a cache hit occurs, then the cache memory 4 returns
the hit data to the CPU 1. If a cache miss occurs, the cache memory
4 reads a predetermined size of data including the requested
data or instruction from the main memory 2 through the memory
bus 6 and stores the predetermined size of data while
transferring the requested data or instruction to the CPU 1.
The predetermined size of data read from the main memory 2 is,
for example, 32 bytes or 128 bytes.

The encryption program 3A instructs the CPU 1 to perform
a symmetric block cipher such as DES or FEAL cipher using a
transformation table to perform bit-string transformation.
The structure and operation of the encryption program 3A will
be described with reference to Fig. 10B.

It should be noted that a major part of encryption operation
is the substantially same as that of decryption operation,
provided that the key generation and the data transformation
in the decryption operation are performed in inverse order.
Therefore, hereinafter, encryption and decryption are denoted
by encryption/decryption, and an input text is denoted by a
plain/cipher text.

Referring to Fig. 10B, the encryption program 3A is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a preload section 311,
a data transformation section 304, and an output section 306.
The data transformation section 304 performs substitution using
a substitution table section 305, which is composed of a
predetermined number of substitution tables.

1) Targeted substitution table

Among the substitution tables included in the substitution
table section 305, a substitution table which is most likely
to be attacked (hereafter, a targeted substitution table) is
previously selected based on the cipher algorithm of the
encryption program 3A. In the case of MISTY1 as shown in Figs.
5A-5D, the substitution table S9 should be selected as the
targeted substitution table because the number of operation
entries varies according to encryption time as shown in Fig.
7. In general, a targeted transformation table is a
transformation table exhibiting a trend of increasing in
the number of operation entries according to encryption time.
Alternatively, a simple method for identifying the targeted
transformation table is to identify a transformation table
having a small use ratio of the total number of referenced entries
(operation entries) to the total number of entries.

As shown in Fig. 10B, when the encryption program 3A is
called and started (step 301), the input section 302 inputs
a plain/cipher text and performs initial permutation thereof.
The preload section 311 loads the targeted substitution table
into the cache memory 4 before the data transformation section
304.

2) Preloading scheme 

The preload section 311 is an entry loading means for
adjusting the number of cache misses to be made approximately
equal for any plain/cipher text by preloading all or a part
of entries of the targeted substitution table into the
cache memory 4. For example, preloading all entries of the
targeted substitution table into the cache memory 4 is performed
once, which causes the cache hit rate for the targeted
substitution table to become 100%, in other words, the cache miss
rate for the targeted substitution table to become zero.

The data transformation section 304 repeatedly performs
the basic transformation of mixing the plain/cipher text after
initial-permutation with extended keys generated by the key
generation section 303 by referencing the substitution table
section 305. As described before, since the targeted
substitution table has been loaded in the cache memory 4 by
the preload section 311, there is a high probability that
accessing the targeted substitution table causes the occurrence
of a cache hit.

For example, when all entries of the targeted substitution
table are preloaded into the cache memory 4, the cache hit rate
for the targeted substitution table becomes 100%, in other
words, the cache miss rate for the targeted substitution table
becomes zero. Since the cache miss rate for the substitution
tables other than the targeted substitution table is
substantially kept at a constant value C, any cipher/decipher
text exhibits the approximately same number of cache misses
during the encryption/decryption process, causing the time
required for encryption/decryption to be approximately equal.
Accordingly, it is very difficult to extract plain texts, which
are used to determine a key differential Δk that is the keystone
in the cache-attack cryptanalysis, resulting in effective
defensive measure against the cache-attack cryptanalysis.

The data obtained by the data transformation section 304
is subjected to inverse initial permutation by the output section
306 to produce a finally obtained cipher/plain text, which is
returned to the main program that called the encryption program
3A. In this way, the encryption process for a single
plain/cipher text is terminated (step 307).
3) Other preloading schemes 

In the above-described example, only the targeted
transformation table which exhibits a trend of increasing in
the number of operation entries according to encryption time
is preloaded into the cache memory 4. However, the present
invention is not limited to this example. If the cache memory
4 has a sufficient capacity, all substitution tables of the
substitution table section 305 are preloaded into the
cache memory 4. In this case, a substitution table to be left,
which is most likely to be attacked, is loaded after other
substitution tables have been loaded into the cache memory 4.
The reason is that the substitution table to be left is prevented
from removal from the cache 4 according to a sweep algorithm
such as LRU (Least Recently Used) algorithm.

Alternatively, in the case of a computer having a function
of providing priority to data stored in the cache memory 4,
since data with higher priority is removed later, the target
substitution table should be attached with high priority and
be loaded into the cache memory 4.

The first embodiment is directed to the symmetric key
encryption such as DES, in which a section of referencing the
substitution table section 305 is provided within the data
transformation section 304 in the encryption program 3A.
Accordingly, the preload section 311 is located immediately
before the data transformation section 304. As another
preloading scheme, the preloading step of the preload section
311 may be performed immediately after the start step 301. In
this case, the first embodiment can be applied to the symmetric
key encryption in which not only the data transformation section
304 but also the input section 302 and the key generation section
303 can reference to the substitution table section 305.

Further, the preloading step can be performed at a
plurality of locations or timings. For example, the preloading
step is performed immediately after the start step 301 and
immediately before the data transformation section 304.
Furthermore, it is possible to separately call a preloading
program for preloading the targeted or necessary substitution
table into the cache memory 4 before calling the encryption
program 3A.

As described before, the preload section 311 is capable
of adjusting the number of cache misses to be made approximately
equal for any plain/cipher text by preloading all or a part
of entries of the targeted substitution table into the
cache memory 4. All entries of the targeted substitution table
are not always preloaded into the cache memory 4. For example,
about one half of the entries of the targeted substitution
table may be preloaded into the cache memory 4. Such part
preloading also allows the number of cache misses to be made
approximately equal to some extent for any plain/cipher text.
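
The preloading schemes of the first embodiment, written out as an added C example that is not part of the original specification: one read per cache line brings a table into the cache, either in full or in part, and when several tables are preloaded the targeted table is read last so that an LRU sweep evicts it last. The 64-byte line size, the names and the zero-filled placeholder tables (shaped like MISTY1's S9 and S7) are assumptions.

```c
/* Added example: preloading substitution tables before the data
 * transformation step. Table contents are placeholders, not MISTY1's. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CACHE_LINE 64u  /* assumed cache-line size in bytes */

struct sbox {
    const char *name;
    const volatile uint8_t *base; /* volatile: the reads must really be issued */
    size_t bytes;
};

/* Placeholder tables with MISTY1's shapes: S9 has 512 entries, S7 has 128. */
static _Alignas(64) uint16_t s9_tab[512];
static _Alignas(64) uint8_t  s7_tab[128];

static const struct sbox tables[] = {
    { "S9", (const volatile uint8_t *)s9_tab, sizeof s9_tab },
    { "S7", (const volatile uint8_t *)s7_tab, sizeof s7_tab },
};
#define N_TABLES (sizeof tables / sizeof tables[0])

/* Read one byte from every cache line that overlaps the first `bytes`
 * bytes of the table. Passing fewer bytes than the table holds gives the
 * partial preloading described in the text. Returns the lines touched. */
static size_t preload(const struct sbox *t, size_t bytes)
{
    size_t lines = 0;
    size_t skew = (size_t)((uintptr_t)t->base % CACHE_LINE); /* offset inside first line */

    if (bytes > t->bytes)
        bytes = t->bytes;
    if (bytes == 0)
        return 0;
    for (size_t pos = 0; pos < skew + bytes; pos += CACHE_LINE) {
        size_t off = pos < skew ? 0 : pos - skew; /* first byte of this line inside the table */
        (void)t->base[off];                       /* volatile read fills the line */
        lines++;
    }
    return lines;
}

/* Preload every table, the targeted one last, so that it is the most
 * recently used when the data transformation starts. `order` receives
 * the table indices in load order. Returns the total lines touched. */
static size_t preload_all_target_last(const struct sbox *tabs, size_t n,
                                      size_t target, size_t *order)
{
    size_t k = 0, lines = 0;

    for (size_t i = 0; i < n; i++) {
        if (i == target)
            continue;
        lines += preload(&tabs[i], tabs[i].bytes);
        order[k++] = i;
    }
    lines += preload(&tabs[target], tabs[target].bytes);
    order[k] = target;
    return lines;
}

int main(void)
{
    size_t order[N_TABLES];
    size_t lines = preload_all_target_last(tables, N_TABLES, 0, order);

    printf("preloaded %zu lines; load order:", lines);
    for (size_t i = 0; i < N_TABLES; i++)
        printf(" %s", tables[order[i]].name);
    printf("\nhalf of S9: %zu lines\n", preload(&tables[0], tables[0].bytes / 2));
    return 0;
}
```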

Second Embodiment 

Referring to Fig. 11A, an encryption system according
to a second embodiment of the present invention is composed
of the same hardware components as the first embodiment: the
CPU 1, the memory 2, and the cache memory 4, wherein an encryption
program 3B is loaded into the memory 2.

Referring to Fig. 11B, the encryption program 3B is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a data transformation
section 304 including a used-entry management section 312, an
unused-entry loading section 313, and an output section 306.
The data transformation section 304 performs substitution using
the substitution table section 305, which is composed of a
predetermined number of substitution tables.

The used-entry management section 312 uses a management
table to manage entries, which have been actually used in
encryption/decryption process among the entries of the
substitution table section 305.

The unused-entry loading section 313 accesses and loads
entries which have not been actually used in
encryption/decryption process among the entries of the
substitution table section 305. A combination of the
used-entry management section 312 and the unused-entry loading
section 313 provides an entry loading means for adjusting
the number of cache misses to be made approximately equal for
any plain/cipher text. Hereafter, the used-entry management
section 312 and the unused-entry loading section 313 will be
described in detail.

Fig. 11C shows an example of the management table of the
used-entry management section 312. The management table is
provided for each substitution table having a high probability
of attacks by the cache-attack cryptanalysis and has as many
entries as a corresponding substitution table. Each entry of
the management table is initialized to a value indicating that
it is not used at the start time of encryption/decryption process.
In Fig. 11C, "unused" is denoted by a symbol "X". Every time
an entry of a substitution table having a high probability of
attacks is referenced during the encryption/decryption process,
a corresponding entry of a corresponding management table is
changed to a value indicative of "used". In Fig. 11C, "used"
is denoted by a symbol "O". In other words, the entry of the
substitution table corresponding to an entry labeled with "O"
in the management table is an operation entry.

When the substitution table section 305 is not referenced
in the encryption/decryption process any longer, the
unused-entry loading section 313 references the management
table of Fig. 11C to execute loading, that is, referencing and
reading, all entries that have never been referenced, for each
substitution table having a high probability of attacks.

Assuming the substitution table S9 of MISTY1 as the
substitution table having a high probability of attacks, the
total number of entries in the substitution table S9 is 512,
and the maximum number of operation entries operating in
encryption/decryption for a single text is 48. As described
in Fig. 9, attackers may clear the substitution table S9 before
starting the encryption program 3B and therefore, when a single
plain text is encrypted, the maximum number of cache misses
for the substitution table S9 is 48. It is further assumed
that, when a single plain text is encrypted, the minimum number
of cache misses for the substitution table S9 is 1, which may not
be developed.

In the case where the number of cache misses is a maximum
of 48, the number of operation entries is also 48 and therefore
the unused-entry loading section 313 reads 464 (= 512 - 48)
entries. In this case, the number of cache misses becomes "a
small certain value" because there are left in the cache memory
4 many other entries that have never been referenced in the
substitution table S9 after 48 cache misses have occurred. On
the other hand, in the case where the number of cache misses
is a minimum of 1, the number of operation entries is also 1
and therefore the unused-entry loading section 313 reads 511
(= 512 - 1) entries. In this case, the number of cache misses
becomes "a large certain value" because there are not left in
the cache memory 4 many other entries that have never been
referenced in the substitution table S9 after only one cache miss
has occurred. Accordingly, the finally obtained number of
cache misses becomes 48 + "a small certain value" when the number
of cache misses is the maximum of 48, and 1 + "a large certain
value" when the number of cache misses is the minimum of 1,
which means that the difference between them becomes smaller.
This provides the countermeasure against the cache-attack
cryptanalysis based on the same reason as the first embodiment
as described before.

In the above description, the unused entries for only
substitution tables having a high probability of cache-attack
are loaded in the unused-entry loading section 313. The unused
entries for all substitution tables may be loaded to achieve
the similar advantages.

Third Embodiment 

Referring to Fig. 12A, an encryption system according
to a third embodiment of the present invention is composed of
the same hardware components as the first embodiment: the CPU
1, the memory 2, and the cache memory 4, wherein an encryption
program 3C is loaded into the memory 2.

Referring to Fig. 12B, the encryption program 3C is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a data transformation
section 304 including a used-entry management section 312, a
cache-miss generation section 314, and an output section 306.
The data transformation section 304 performs substitution using
the substitution table section 305, which is composed of a
predetermined number of substitution tables.

The used-entry management section 312 uses a management
table to manage entries, which have been actually used in
encryption/decryption process among the entries of the
substitution table section 305.

The cache-miss generation section 314 generates as many
cache misses as a difference between the maximum number of usable
entries and the number of actually used entries in an
encryption/decryption process. A combination of the
used-entry management section 312 and the cache-miss generation
section 314 provides a cache-miss adjusting means for adjusting
the number of cache misses to be made approximately equal for
any plain/cipher text. Hereafter, the used-entry management
section 312 and the cache-miss generation section 314 will be
described in detail.

The management table of the used-entry management section
312 as described before (see Fig. 11C) is provided for each
substitution table having a high probability of attacks by the
cache-attack cryptanalysis and has as many entries as a
corresponding substitution table. When the substitution table
section 305 is not referenced in the encryption/decryption
process any longer, the cache-miss generation section 314
references the management table of Fig. 11C to calculate an
adjusting value that is a difference between the maximum number
of usable entries and the number of actually used entries for
each substitution table having a high probability of attacks.
Thereafter, the cache-miss generation section 314 generates
as many cache misses as the adjusting value. Such cache-miss
generation can be performed by, for example, issuing a read
request to the memory 2 at intervals of a time period equal
to or longer than the data size that is permitted to be written
into the cache 4 at a time.

As in the case of the first embodiment, consider the
substitution table S9 of MISTY1 as the substitution table having
a high probability of attacks, having 512 entries and up to
48 operation entries. As described in Fig. 9, attackers may
clear the substitution table S9 before starting the encryption
program 3B and therefore, when a single plain text is encrypted,
the maximum number of cache misses for the substitution table
S9 is 48. It is further assumed that, when a single plain text
is encrypted, the minimum number of cache misses for the
substitution table S9 is 1.

In the case where the number of cache misses is a maximum
of 48, the number of operation entries is also 48 and therefore
the cache-miss generation section 314 calculates the adjusting
value of 0 (= 48 - 48). Therefore, no further cache miss is
generated. On the other hand, in the case where the number
of cache misses is a minimum of 1, the number of operation entries
is also 1. Therefore the cache-miss generation section 314
calculates the adjusting value of 47 (= 48 - 1) and generates
a cache miss 47 times, resulting in the finally obtained number
of cache misses being 48 (= 1 + 47). In this manner, the number
of cache misses is made uniform. This provides the effective
countermeasure against the cache-attack cryptanalysis based
on the same reason as the first embodiment as described before.

In the above description, the cache-miss generation is
performed for only substitution tables having a high probability
of cache-attack. The cache-miss generation may be performed
for all substitution tables to achieve the similar advantages.

Fourth Embodiment

Referring to Fig. 13A, an encryption system according
to a fourth embodiment of the present invention is composed
of the same hardware components as the first embodiment: the
CPU 1, the memory 2, and the cache memory 4, wherein an encryption
program 3D is loaded into the memory 2.

Referring to Fig. 13B, the encryption program 3D is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a data transformation
section 304 including a used-entry management section 315, a
cache-miss generation section 316, and an output section 306.
The data transformation section 304 performs substitution using
the substitution table section 305, which is composed of a
predetermined number of substitution tables.

The used-entry management section 315 uses a management
table to manage the number of cache hits for the substitution
table section 305 in encryption/decryption process. The
cache-miss generation section 316 generates as many cache misses
as the cache hits. A combination of the used-entry management
section 315 and the cache-miss generation section 316 provides
a cache-miss adjustment means for adjusting the number of
cache misses to be made approximately equal for any plain/cipher
text. Hereafter, the used-entry management section 315 and
the cache-miss generation section 316 will be described in
detail.

Fig. 13C shows an example of the management table of the
used-entry management section 315. The management table is
provided for each substitution table having a high probability
of attacks by the cache-attack cryptanalysis and has as many
entries as a corresponding substitution table. Each entry of
the management table is initialized to zero at the start time
of encryption/decryption process. Every time an entry of a
substitution table having a high probability of attacks is
referenced during the encryption/decryption process, the
used-entry management section 315 increments a corresponding
entry of a corresponding management table by one.

When the substitution table section 305 is not referenced
in the encryption/decryption process any longer, the cache-miss
generation section 316 references the management table of Fig.
13C to calculate the total number of cache hits and generates
as many cache misses as the cache hits. Such cache-miss
generation can be performed by, for example, issuing a read
request to the memory 2 at intervals of a time period equal
to or longer than the data size that is permitted to be written
into the cache 4 at a time.

As in the case of the first embodiment, consider the
substitution table S9 of MISTY1 as the substitution table having
a high probability of attacks, having 512 entries and up to
48 operation entries. As described in Fig. 9, attackers may
clear the substitution table S9 before starting the encryption
program 3B and therefore, when a single plain text is encrypted,
the maximum number of cache misses for the substitution table
S9 is 48. It is further assumed that, when a single plain text
is encrypted, the minimum number of cache misses for the
substitution table S9 is 1.

In the case where the number of cache misses is a maximum
of 48, the number of operation entries is also 48 and therefore
48 entries of the management table of Fig. 13C have a value
of 1 and the remaining entries have an initial value of 0. The
cache-miss generation section 316 obtains the total number of
cache hits by calculating the sum of values obtained by
subtracting 1 from the value of each of entries that is not
smaller than 2. In this case, the total number of cache hits
is 0. Therefore, no further cache miss is generated, resulting
in the total number of cache misses being 48. On the other
hand, in the case where the number of cache misses is a minimum
of 1, the number of operation entries is also 1. Therefore,
one entry of the management table of Fig. 13C has a value of
48 and the remaining entries have an initial value of 0. The
cache-miss generation section 316 calculates 47 (= 48 - 1) cache
hits and generates a cache miss 47 times, resulting in the finally
obtained number of cache misses being 48 (= 1 + 47). In
this manner, the number of cache misses is made uniform. This
provides the effective countermeasure against the cache-attack
cryptanalysis based on the same reason as the first embodiment
as described before.

In the above description, the cache-miss generation is 
performed for only substitution tables having a high probability 
of cache-attack. The cache-miss generation may be performed 
for all substitution tables to achieve the similar advantages. 

As a second example of the present embodiment, the
used-entry management section 315 may have a function of
generating a cache miss. The used-entry management section
315 monitors the management table of Fig. 13C and, every time
a cache hit occurs and thereby the incremented value of any
entry becomes equal to or greater than 2, the
used-entry management section 315 generates a cache miss once.
This second example can also provide the effective
countermeasure similar to the above-described first example.
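
The management-table bookkeeping of the second, third and fourth embodiments, as an added C example that is not part of the original specification. It records references to a placeholder S9 table, performs the second embodiment's unused-entry loads, and computes the adjusting value (third embodiment) and the cache-hit total (fourth embodiment) for the two cases worked through in the text (48 operation entries and 1 operation entry). All names and the constructed workload are assumptions; generating the dummy cache misses themselves is hardware-specific and is not attempted here.

```c
/* Added example: management table accounting for one targeted table.
 * The table contents and the workload are constructed placeholders. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define S9_ENTRIES 512u  /* entries in MISTY1 S9, from the text */
#define S9_MAX_OPS 48u   /* maximum operation entries per text, from the text */

static uint16_t s9_tab[S9_ENTRIES];  /* placeholder contents */

/* Management table in the style of Fig. 11C / 13C: one slot per table
 * entry. 0 means "unused" (X); a non-zero value means "used" (O) and
 * holds the reference count that the fourth embodiment needs. */
struct mgmt {
    uint16_t refs[S9_ENTRIES];
};

static void mgmt_reset(struct mgmt *m)
{
    memset(m, 0, sizeof *m);
}

/* Instrumented lookup: every reference to the table is recorded. */
static uint16_t s9_lookup(struct mgmt *m, unsigned idx)
{
    idx &= S9_ENTRIES - 1;
    m->refs[idx]++;
    return ((const volatile uint16_t *)s9_tab)[idx];
}

/* Number of operation entries (slots marked "used"). */
static unsigned used_entries(const struct mgmt *m)
{
    unsigned n = 0;
    for (unsigned i = 0; i < S9_ENTRIES; i++)
        n += m->refs[i] != 0;
    return n;
}

/* Second embodiment: read every entry that was never referenced.
 * Returns how many entries were read. */
static unsigned load_unused(const struct mgmt *m)
{
    unsigned n = 0;
    for (unsigned i = 0; i < S9_ENTRIES; i++) {
        if (m->refs[i] == 0) {
            (void)((const volatile uint16_t *)s9_tab)[i];
            n++;
        }
    }
    return n;
}

/* Third embodiment: adjusting value = maximum number of usable entries
 * minus the number of actually used entries. */
static unsigned adjusting_value(const struct mgmt *m)
{
    unsigned used = used_entries(m);
    return used >= S9_MAX_OPS ? 0 : S9_MAX_OPS - used;
}

/* Fourth embodiment: total cache hits = sum of (count - 1) over all
 * slots whose count is 2 or more. */
static unsigned cache_hits(const struct mgmt *m)
{
    unsigned hits = 0;
    for (unsigned i = 0; i < S9_ENTRIES; i++)
        if (m->refs[i] >= 2)
            hits += m->refs[i] - 1u;
    return hits;
}

/* Constructed workload: 48 references spread over `distinct` entries. */
static void run_block(struct mgmt *m, unsigned distinct)
{
    mgmt_reset(m);
    for (unsigned i = 0; i < S9_MAX_OPS; i++)
        (void)s9_lookup(m, (i % distinct) * 7u);  /* stride 7: arbitrary, keeps indices distinct */
}

int main(void)
{
    static const unsigned cases[] = { 48u, 1u };
    struct mgmt m;

    for (unsigned c = 0; c < 2; c++) {
        run_block(&m, cases[c]);
        printf("operation entries %2u: unused loads %u, adjusting value %u, cache hits %u\n",
               used_entries(&m), load_unused(&m), adjusting_value(&m), cache_hits(&m));
    }
    return 0;
}
```

The management table is indexed by the same secret-dependent value as the table it tracks, so its own cache footprint needs the same care as the substitution table.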






Fifth Embodiment

Referring to Fig. 14A, an encryption system according
to a fifth embodiment of the present invention is composed of
the same hardware components as the first embodiment: the CPU
1, the memory 2, and the cache memory 4, wherein an encryption
program 3E is loaded into the memory 2.

Referring to Fig. 14B, the encryption program 3E is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a data transformation
section 304, and an output section 306. The data transformation
section 304 performs substitution by referencing a substitution
table section 305.

Assuming that a substitution table is referenced N times
for an encryption/decryption process of a single plain/cipher
text, the substitution table section 305 is composed of a
plurality of substitution tables including a targeted
substitution table group containing N targeted substitution
tables 305-1 to 305-N having the same contents.

When a single plain/cipher text is encrypted by the data
transformation section 304 referencing the substitution table
section 305, the data transformation section 304, each time
accessing the targeted substitution table group, references
a different one of the targeted substitution tables 305-1 to
305-N within the accessed targeted substitution table group.

As described above, with each reference to the targeted
substitution table group, some cache misses inevitably
occur, making the number of cache misses for each substitution
table uniform for any plain/cipher text.

The substitution table section 305 may be composed of
a plurality of substitution tables, which are divided into a
predetermined number of substitution table groups, each group
containing N substitution tables 305-1 to 305-N having the same
contents.



Sixth Embodiment

According to a sixth embodiment of the present invention,
a length of encryption/decryption time is adjusted so as to make
it difficult to determine a key differential. Here, two
examples of the sixth embodiment will be described below.
1) First example 

Referring to Fig. 15A, an encryption system according
to a first example of the sixth embodiment of the present
invention is composed of the same hardware components as the
first embodiment: the CPU 1, the memory 2, and the cache memory
4, wherein an encryption program 3F is loaded into the memory
2.

Referring to Fig. 15B, the encryption program 3F is
composed of a key generation section 303 and a data randomizing
section including a timer start section 321, an input section
302, a data transformation section 304, an output section 306,
a timer determination section 322, and a waiting section 323.
A timer T used in the sixth embodiment may be a timer incorporated
in the CPU 1 or a software routine included in the encryption
program 3F. The data transformation section 304 performs
substitution using the substitution table section 305, which
is composed of a predetermined number of substitution tables.
A combination of the timer start section 321, the timer
determination section 322, and the waiting section 323 provides
a time adjustment means for adjusting a length of
encryption/decryption time for any plain/cipher text to a
predetermined time.

When the encryption program 3F is called and started (step
301), the timer start section 321 starts the timer T and the
input section 302 inputs a plain/cipher text and performs initial
permutation thereof. The data transformation section 304
performs the substitution using the key generation section 303
and the substitution table section 305 as described before.
The data obtained by the data transformation section 304
is subjected to inverse initial permutation by the output section
306 to produce a finally obtained cipher/plain text. Thereafter,
the timer determination section 322 determines whether the
current time count of the timer T is smaller than a
predetermined maximum time Tmax. When it is determined that
T < Tmax (YES), the waiting section 323 prolongs the
encryption/decryption time by a difference time interval Tmax -
T. When it is determined that T >= Tmax (NO) or the waiting
section 323 completes the waiting step, the finally obtained
cipher/plain text is returned to the main program that called
the encryption program 3F. In this way, the
encryption/decryption process for a single plain/cipher text
is terminated (step 307).

The maximum time Tmax is determined depending on the
encryption time distribution. For example, the maximum
encryption time as shown in Fig. 6 may be used as the maximum
time Tmax. A time slightly longer than the maximum encryption
time in Fig. 6 may be used as the maximum time Tmax.

According to the first example of the sixth embodiment,
a length of encryption/decryption time for any plain/cipher
text is made uniform at around the maximum encryption time.
Accordingly, the first example provides the effective
countermeasure against the cache-attack cryptanalysis.
2) Second example 

Referring to Fig. 16A, an encryption system according
to a second example of the sixth embodiment is composed of the
same hardware components as the first embodiment: the CPU 1,
the memory 2, and the cache memory 4, wherein an encryption
program 3G is loaded into the memory 2.

Referring to Fig. 16B, the encryption program 3G is the
same as the encryption program 3F of Fig. 15B, provided that
the waiting section 323 is replaced with a constant
waiting section 324. Here, a combination of the timer start
section 321, the timer determination section 322, and the
constant waiting section 324 provides a time adjustment means
for adjusting a length of encryption/decryption time for any
plain/cipher text. As described before, the timer
determination section 322 determines whether the current time
count of the timer T is smaller than a predetermined maximum
time Tmax. When it is determined that T < Tmax (YES), the constant
waiting section 324 prolongs the encryption/decryption time
by a constant time period Tc.

As in the case of the maximum time Tmax, the constant
time period Tc can be also determined depending on the encryption
time distribution. For example, the constant time period Tc
is set to a half the maximum encryption time. A time period
slightly shorter or longer than a half the maximum encryption
time in Fig. 6 may be used as the constant time period Tc. Since
the peak of the distribution is located around the center as
shown in Fig. 6, a peak of encryption time distribution after
the constant waiting section 324 is shifted to around the maximum
encryption time. Accordingly, plain/cipher texts exhibiting
the actual maximum encryption time are mixed with the shifted
peak of the distribution of Fig. 6, thereby making it very
difficult to extract plain texts used to determine a key
differential and providing an effective countermeasure against
the cache-attack cryptanalysis.

Seventh Embodiment

According to a seventh embodiment of the present invention,
a length of encryption/decryption time is adjusted so as to make
it difficult to determine a key differential.

Referring to Fig. 17A, an encryption system according
to the seventh embodiment is composed of the same hardware
components as the first embodiment: the CPU 1, the memory 2,
and the cache memory 4, wherein an encryption program 3H is
loaded into the memory 2.

Referring to Fig. 17B, the encryption program 3H is
composed of a key generation section 303 and a data randomizing
section including a timer start section 321, an input section
302, a data transformation section 304, an output section 306,
a timer determination section 322, a first random number
generation section 325, a random number determination section
326, a second random number generation section 327, and a waiting
section 328. A timer T used in the seventh embodiment may be
a timer incorporated in the CPU 1 or a software routine included
in the encryption program 3H. The data transformation section
304 performs substitution using the substitution table section
305, which is composed of a predetermined number of substitution
tables. A combination of the timer start section 321, the timer
determination section 322, the first random number generation
section 325, the random number determination section 326, the
second random number generation section 327, and the waiting
section 328 provides a time adjustment means for adjusting a
length of encryption/decryption time for any plain/cipher text.

In Fig. 17B, program sections similar to those previously
described with reference to Fig. 15B are denoted by the same
reference numerals and the descriptions thereof will be omitted.
When the timer determination section 322 determines that T <
Tmax (YES), the first random number generation section 325
generates a random number r which is either 0 or 1. When the
random number determination section 326 determines that r =
0 (YES), the second random number generation section 327
generates a waiting time t from random number generation. The
waiting time t is randomly determined within a range from 0
to the maximum encryption time. The waiting section 328
prolongs the encryption/decryption time by the generated
waiting time t. When it is determined that T >= Tmax (NO),
when r = 1, or the waiting section 328 completes the waiting
step, the finally obtained cipher/plain text is returned to
the main program that called the encryption program 3H. In
this way, the encryption/decryption process for a single
plain/cipher text is terminated (step 307).

Accordingly, the characteristic of the encryption time
distribution as shown in Fig. 6 becomes indeterminate, resulting
in that plain/cipher texts exhibiting the actual maximum
encryption time and other plain/cipher texts are developed in
the same encryption time zone. This makes it very difficult
to extract plain texts used to determine a key differential
and therefore provides an effective countermeasure against the
cache-attack cryptanalysis.
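
The time adjustment of the sixth embodiment (both examples) and the seventh embodiment, as an added C example that is not part of the original specification. `waiting_time` follows the decision flow of Figs. 15B, 16B and 17B, and `run_padded` wraps a workload with a timer and the resulting wait. Assumptions: POSIX `clock_gettime` and `nanosleep` serve as timer T, the random values r and t are supplied by the caller, Tmax is used as the upper bound of the random wait, and `demo_work` is a constructed stand-in for sections 302 to 306.

```c
/* Added example: padding the encryption time (sixth and seventh embodiments). */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <time.h>

enum scheme {
    PAD_TO_TMAX,   /* sixth embodiment, first example: wait Tmax - T     */
    PAD_CONST_TC,  /* sixth embodiment, second example: wait constant Tc */
    PAD_RANDOM     /* seventh embodiment: if r == 0, wait a random t     */
};

struct pad_cfg {
    enum scheme scheme;
    uint64_t tmax_ns;  /* predetermined maximum time Tmax */
    uint64_t tc_ns;    /* constant time period Tc         */
};

/* Waiting time in nanoseconds for a run that took t_ns. r is the 0/1
 * random number, rnd the raw random value used for the waiting time;
 * both come from the caller (assumed to be a good random source). */
static uint64_t waiting_time(const struct pad_cfg *c, uint64_t t_ns,
                             unsigned r, uint64_t rnd)
{
    if (t_ns >= c->tmax_ns)
        return 0;                       /* T >= Tmax (NO): return at once */
    switch (c->scheme) {
    case PAD_TO_TMAX:
        return c->tmax_ns - t_ns;
    case PAD_CONST_TC:
        return c->tc_ns;
    case PAD_RANDOM:                    /* range 0..Tmax; modulo is slightly biased */
        return (r & 1u) == 0 ? rnd % (c->tmax_ns + 1) : 0;
    }
    return 0;
}

static uint64_t now_ns(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (uint64_t)ts.tv_sec * 1000000000u + (uint64_t)ts.tv_nsec;
}

static void sleep_ns(uint64_t ns)
{
    struct timespec ts;
    ts.tv_sec = (time_t)(ns / 1000000000u);
    ts.tv_nsec = (long)(ns % 1000000000u);
    while (nanosleep(&ts, &ts) == -1 && errno == EINTR)
        ;                               /* resume with the remaining time */
}

/* Timer start, workload, timer determination, wait. Returns the total
 * time in nanoseconds that the caller observes. */
static uint64_t run_padded(void (*work)(void), const struct pad_cfg *c,
                           unsigned r, uint64_t rnd)
{
    uint64_t start = now_ns();
    work();
    sleep_ns(waiting_time(c, now_ns() - start, r, rnd));
    return now_ns() - start;
}

/* Constructed stand-in for the encryption of one block. */
static void demo_work(void)
{
    volatile uint32_t x = 0;
    for (uint32_t i = 0; i < 10000u; i++)
        x += i;
}

int main(void)
{
    struct pad_cfg c = { PAD_TO_TMAX, 2000000u, 1000000u };  /* 2 ms, 1 ms */
    printf("observed time: %llu ns\n",
           (unsigned long long)run_padded(demo_work, &c, 0, 0));
    return 0;
}
```

Only the first scheme makes the observed time independent of T, and only while T stays below Tmax; the other two reshape the time distribution, as the text describes.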

Eighth Embodiment 

According to an eighth embodiment of the present invention,
a length of encryption/decryption time is adjusted so as to make
it difficult to determine a key differential.

Referring to Fig. 18A, an encryption system according
to the eighth embodiment is composed of the same hardware
components as the first embodiment: the CPU 1, the memory 2,
and the cache memory 4, wherein an encryption program 3I is
loaded into the memory 2.

Referring to Fig. 18B, the encryption program 3I is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a data transformation
section 304, an output section 306, a random number generation
section 331, a random number determination section 332, and
a constant waiting section 333. The data transformation section
304 performs substitution using the substitution table section
305, which is composed of a predetermined number of substitution
tables. A combination of the random number generation section
331, the random number determination section 332, and the
constant waiting section 333 provides a time adjustment means
for adjusting a length of encryption/decryption time for any
plain/cipher text.

In Fig. 18B, program sections similar to those previously
described are denoted by the same reference numerals and the
descriptions thereof will be omitted. When the output section
306 produces a finally obtained cipher/plain text, the
random number generation section 331 generates a random number
r which is either 0 or 1. When the random number determination
section 332 determines that r = 0 (YES), the waiting section
333 prolongs the encryption/decryption time by a constant
waiting time period Tc. When r = 1 or when the waiting section
333 completes the waiting step, the finally obtained
cipher/plain text is returned to the main program that called
the encryption program 3I. In this way, the
encryption/decryption process for a single plain/cipher text
is terminated (step 307).

The constant time period Tc can be determined depending
on the encryption time distribution as described in Fig. 16B.
For example, the constant time period Tc is set to a half
the maximum encryption time. A time period slightly shorter
or longer than a half the maximum encryption time in Fig. 6 may
be used as the constant time period Tc.

Accordingly, the characteristic of the encryption time
distribution as shown in Fig. 6 becomes indeterminate, resulting
in that plain/cipher texts exhibiting the actual maximum
encryption time do not provide the same encryption time and
these are developed in the same encryption time zone as other
plain/cipher texts. This makes it very difficult to extract
plain texts used to determine a key differential and therefore
provides an effective countermeasure against the cache-attack
cryptanalysis.

It should be noted that the waiting section 333 may be
located at any location of the encryption program 3I as shown
in Fig. 18B. Alternatively, it is possible to distribute the
waiting step of the waiting section 333 among the encryption
program 3I as shown in Fig. 18D.

Ninth Embodiment

According to a ninth embodiment of the present invention,
a length of encryption/decryption time is adjusted so as to make
it difficult to determine a key differential.

Referring to Fig. 19A, an encryption system according
to the ninth embodiment is composed of the same hardware
components as the first embodiment: the CPU 1, the memory 2,
and the cache memory 4, wherein an encryption program 3J is
loaded into the memory 2.

Referring to Fig. 19B, the encryption program 3J is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a data transformation
section 304, an output section 306, a random number generation
section 334, and a waiting section 335. The data transformation
section 304 performs substitution using the substitution table
section 305, which is composed of a predetermined number of
substitution tables. A combination of the random number
generation section 334, and the waiting section 335 provides
a time adjustment means for adjusting a length of
encryption/decryption time for any plain/cipher text.

In Fig. 19B, program sections similar to those previously
described are denoted by the same reference numerals and the
descriptions thereof will be omitted. When the output section
306 produces a finally obtained cipher/plain text, the
random number generation section 334 generates a waiting time
t from random number generation. The waiting time t is randomly
determined within a range from 0 to the maximum encryption time.
The waiting section 335 prolongs the encryption/decryption time
by the generated waiting time t. Thereafter, the finally
obtained cipher/plain text is returned to the main program that
called the encryption program 3J. In this way, the
encryption/decryption process for a single plain/cipher text
is terminated (step 307).

Accordingly, the characteristic of the encryption time
distribution as shown in Fig. 6 becomes indeterminate, resulting
in that plain/cipher texts exhibiting the actual maximum
encryption time do not provide the same encryption time and
those are developed in the same encryption time zone as other
plain/cipher texts. This makes it very difficult to determine
a key differential and therefore provides an effective
countermeasure against the cache-attack cryptanalysis.

The waiting section 335 may be located at any location
of the encryption program 3J as shown in Fig. 19B. Alternatively,
it is possible to distribute the waiting step of the waiting
section 333 to a plurality of locations in the encryption program
3J as shown in Fig. 19D.

Tenth Embodiment 

According to a tenth embodiment of the present invention,
a length of encryption/decryption time is adjusted so as to make
it difficult to determine a key differential.

Referring to Fig. 20A, an encryption system according
to the tenth embodiment is composed of the same hardware
components as the first embodiment: the CPU 1, the memory 2,
and the cache memory 4, wherein an encryption program 3K is
loaded into the memory 2.

Referring to Fig. 20B, the encryption program 3K is
composed of a key generation section 303 and a data randomizing
section including an input section 302, a data transformation
section 304, an output section 306, a first random number
generation section 336, a random number determination section
337, a second random number generation section 334, and a waiting
section 335. The data transformation section 304 performs
substitution using the substitution table section 305, which
is composed of a predetermined number of substitution tables.
A combination of the first random number generation section
336, the random number determination section 337, the second
random number generation section 334, and the waiting section
335 provides a time adjustment means for adjusting a length
of encryption/decryption time for any plain/cipher text.

In Fig. 20B, program sections similar to those previously
described with reference to Fig. 19B are denoted by the same
reference numerals and the descriptions thereof will be omitted.
When the output section 306 produces a finally obtained
cipher/plain text, the first random number generation section
336 generates a random number r, which is either 0 or 1. When
the random number determination section 337 determines that
r = 0 (YES), the second random number generation section 334
generates a waiting time t from random number generation. The
waiting time t is randomly determined within a range from 0
to the maximum encryption time. The waiting section 335
prolongs the encryption/decryption time by the generated
waiting time t. When r = 1, or the waiting section 335 completes
the waiting step, the finally obtained cipher/plain text is
returned to the main program that called the encryption program
3K. Therefore, the second random number generation section
334 and the waiting section 335 are allowed to operate only
when r = 0.

Accordingly, the characteristic of the encryption time
distribution as shown in Fig. 6 becomes indeterminate, resulting
in that plain/cipher texts exhibiting the actual maximum
encryption time do not provide the same encryption time and
these are developed in the same encryption time zone as other
plain/cipher texts. This makes it very difficult to determine
a key differential and therefore provides an effective
countermeasure against the cache-attack cryptanalysis.

The waiting section 335 may be located at any location
of the encryption program 3K as shown in Fig. 20B. Alternatively,
it is possible to distribute the waiting step of the waiting
section 333 to a plurality of locations in the encryption program
3K as shown in Fig. 20B.
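
The following simulation is an added example, not part of the patent text. It applies the waiting rules of the eighth, ninth and tenth embodiments to constructed encryption times and reports what fraction of the truly slowest inputs still rank among the slowest observed. The bell-shaped time distribution, the value of T_MAX and all function names are assumptions made for illustration.

```python
import random

T_MAX = 1000  # assumed maximum encryption time, arbitrary ticks (constructed)

def sample_times(n, rng):
    """Constructed stand-in for the Fig. 6 distribution: bell-shaped, capped at T_MAX."""
    return [min(T_MAX, max(0, int(rng.gauss(700, 80)))) for _ in range(n)]

def wait_eighth(rng, tc=T_MAX // 2):
    """Eighth embodiment: r is 0 or 1; wait the constant Tc only when r = 0."""
    return tc if rng.randrange(2) == 0 else 0

def wait_ninth(rng):
    """Ninth embodiment: always wait t, drawn from 0 to the maximum encryption time."""
    return rng.randint(0, T_MAX)

def wait_tenth(rng):
    """Tenth embodiment: r is 0 or 1; draw and wait a random t only when r = 0."""
    return rng.randint(0, T_MAX) if rng.randrange(2) == 0 else 0

def top_k(values, k):
    """Indices of the k largest values."""
    order = sorted(range(len(values)), key=values.__getitem__, reverse=True)
    return set(order[:k])

def slow_tail_overlap(true_times, wait_fn, rng, k):
    """Fraction of the k truly slowest inputs still among the k slowest observed."""
    observed = [t + wait_fn(rng) for t in true_times]
    return len(top_k(true_times, k) & top_k(observed, k)) / k

def compare(n=20000, k=200, seed=1):
    """Run every waiting rule over the same constructed sample of encryption times."""
    rng = random.Random(seed)
    times = sample_times(n, rng)
    rules = [("none", lambda r: 0), ("eighth", wait_eighth),
             ("ninth", wait_ninth), ("tenth", wait_tenth)]
    return {name: slow_tail_overlap(times, fn, rng, k) for name, fn in rules}

if __name__ == "__main__":
    for name, frac in compare().items():
        print(f"{name:7s} slow-tail overlap = {frac:.2f}")
```

An overlap of 1.0 means the slowest observed inputs are exactly the truly slowest ones; lower values mean other plain/cipher texts have moved into the same encryption time zone.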



